Daily NCSC-FI news followup 2020-01-25

Kyberhäiriötilanteisiin kannattaa valmistautua jo etukäteen varautumista koskevat suositukset ja sääntely koottiin yhteen

www.epressi.com/tiedotteet/tietoturva/kyberhairiotilanteisiin-kannattaa-valmistautua-jo-etukateen-varautumista-koskevat-suositukset-ja-saantely-koottiin-yhteen.html Huoltovarmuusorganisaation Digipooli ja Tietoliikenteen ja tietotekniikan keskusliitto FiCom ry ovat julkaisseet suositukset kyberturvallisuudestaan huolehtiville yrityksille sekä IT- ja tietoturvapalveluiden tarjoajille. Suosituksia tarjoillaan kolmeen vaiheeseen: ennen sopimista, palvelun ylläpidossa ja häiriötilanteissa huomioitaviin asioihin.

Does Your Domain Have a Registry Lock?

krebsonsecurity.com/2020/01/does-your-domain-have-a-registry-lock/

Hackers target unpatched Citrix servers to deploy ransomware

www.zdnet.com/article/hackers-target-unpatched-citrix-servers-to-deploy-ransomware/ REvil ransomware gang has been spotted abusing Citrix bug to infect victims.

Nice Try: 501 (Ransomware) Not Implemented

www.fireeye.com/blog/threat-research/2020/01/nice-try-501-ransomware-not-implemented.html

NSA Releases Guidance on Mitigating Cloud Vulnerabilities

www.us-cert.gov/ncas/current-activity/2020/01/24/nsa-releases-guidance-mitigating-cloud-vulnerabilities

Russian Pleads Guilty to Running ‘CardPlanet’ to Sell Stolen Credit Cards

thehackernews.com/2020/01/russian-credit-card-hacker.html Aleksei Burkov, a 29-year-old Russian hacker, on Thursday pleaded guilty to multiple criminal charges for running two illegal websites that helped cyber criminals commit more than $20 million in credit card fraud.

Citrix Releases Final Patch as Ransomware Attacks Ramp Up

www.bleepingcomputer.com/news/security/citrix-releases-final-patch-as-ransomware-attacks-ramp-up/ Citrix released the final permanent fix for the actively exploited CVE-2019-19781 vulnerability, needed to secure all vulnerable Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances.

New Ryuk Info Stealer Targets Government and Military Secrets

www.bleepingcomputer.com/news/security/new-ryuk-info-stealer-targets-government-and-military-secrets/ A new version of the Ryuk Stealer malware has been enhanced to allow it to steal a greater amount of confidential files related to the military, government, financial statements, banking, and other sensitive data.

DOS Exploit PoC Released for Critical Windows RDP Gateway Bugs

www.bleepingcomputer.com/news/security/dos-exploit-poc-released-for-critical-windows-rdp-gateway-bugs/ A proof-of-concept (PoC) denial of service exploit has been published by Danish security researcher Ollypwn for the CVE-2020-0609 and CVE-2020-0610 flaws affecting the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices.

City of Potsdam Servers Offline Following Cyberattack

www.bleepingcomputer.com/news/security/city-of-potsdam-servers-offline-following-cyberattack/ The City of Potsdam severed the administration servers’ Internet connection following a cyberattack that took place earlier this week. Emergency services including the city’s fire department fully operational and payments are not affected.

U.S. Govt Agency Hit with New CARROTBALL Malware Dropper

www.bleepingcomputer.com/news/security/us-govt-agency-hit-with-new-carrotball-malware-dropper/ A new malware called CARROTBALL, used as a second-stage payload in targeted attacks, was distributed in phishing email attachments delivered to a U.S. government agency and non-US foreign nationals professionally affiliated with current activities in North Korea.

You might be interested in …

Daily NCSC-FI news followup 2019-07-09

Serious Zoom security flaw could let websites hijack Mac cameras www.theverge.com/2019/7/8/20687014/zoom-security-flaw-video-conference-websites-hijack-mac-cameras Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed. Exclusive: The true origins […]

Read More

Daily NCSC-FI news followup 2019-07-19

Security Lessons From a New Programming Language www.darkreading.com/application-security/security-lessons-from-a-new-programming-language/d/d-id/1335300?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple A security professional needed a secure language for IoT development. So he wrote his own, applying learned lessons about memory and resources in the process. It’s never good when ‘Magecart’ and ‘bulletproof’ appear in the same sentence, but here we are www.theregister.co.uk/2019/07/18/magecart_ukraine_hosting/ Researchers with security shop Malwarebytes […]

Read More

Daily NCSC-FI news followup 2020-03-10

Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide thehackernews.com/2020/03/necurs-botnet-takedown.html Microsoft today announced that it has successfully disrupted the botnet network of the Necurs malware, which has infected more than 9 million computers globally, and also hijacked the majority of its infrastructure. Fingridin kumppani joutui tietomurron uhriksi Verkot ovat hyvin suojassa edelleen www.is.fi/digitoday/tietoturva/art-2000006434452.html Hyökkäys […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.